Fabien Potencier
548f1cbf73
updated CHANGELOG for 2.7.48
2018-05-25 13:45:30 +02:00
Nicolas Grekas
ec30366209
[SecurityBundle] fix test
2018-05-25 13:23:15 +02:00
Nicolas Grekas
993c028185
Merge branch '2.8' into 3.4
...
* 2.8:
[HttpFoundation] Fix perf issue during MimeTypeGuesser intialization
2018-05-25 13:07:31 +02:00
Nicolas Grekas
46c2d4b3b0
bug #27364 [DI] Fix bad exception on uninitialized references to non-shared services (nicolas-grekas)
...
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix bad exception on uninitialized references to non-shared services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27360
| License | MIT
| Doc PR | -
This restriction is unneeded complexity that prevents legit use cases (see linked issue #27360 ).
Commits
-------
8bba68f811
[DI] Fix bad exception on uninitialized references to non-shared services
2018-05-25 13:02:29 +02:00
Fabien Potencier
ca6cc78c7e
Merge branch '2.7' into 2.8
...
* 2.7:
[HttpFoundation] Fix perf issue during MimeTypeGuesser intialization
2018-05-25 13:00:14 +02:00
Fabien Potencier
ab32125187
bug #27359 [HttpFoundation] Fix perf issue during MimeTypeGuesser intialization (nicolas-grekas)
...
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix perf issue during MimeTypeGuesser intialization
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27307
| License | MIT
| Doc PR | -
introduced in #26886
![image](https://user-images.githubusercontent.com/243674/40451947-918f5358-5ee0-11e8-9f1a-cf707bf3cefa.png )
Commits
-------
f8e7a18d1b
[HttpFoundation] Fix perf issue during MimeTypeGuesser intialization
2018-05-25 12:53:06 +02:00
Nicolas Grekas
531fcacd5f
[SecurityBundle] update conflict rule
2018-05-25 11:04:35 +02:00
Christian Flothmann
a1166b5527
fix class existence
2018-05-25 10:40:41 +02:00
Christian Flothmann
e65a122d17
fix tests
2018-05-25 09:52:36 +02:00
Fabien Potencier
5b7d5abb88
Merge branch '2.8' into 3.4
...
* 2.8:
fixed constraints
fixed constraints
bumped dep
bumped dep
2018-05-25 09:50:41 +02:00
Fabien Potencier
2ed0cedb19
fixed constraints
2018-05-25 09:32:23 +02:00
Fabien Potencier
43a0affb8f
Merge branch '2.7' into 2.8
...
* 2.7:
fixed constraints
bumped dep
bumped dep
2018-05-25 08:52:49 +02:00
Fabien Potencier
2f34263a1a
fixed constraints
2018-05-25 08:35:17 +02:00
Fabien Potencier
1151ab28c0
bumped dep
2018-05-25 08:20:37 +02:00
Fabien Potencier
87153549f6
bumped dep
2018-05-25 07:45:02 +02:00
Gabriel Ostrolucký
47f0e732d9
[HttpFoundation] Fix cookie test with xdebug
...
Here's the failure without this patch:
```
Testing Symfony\Component\HttpFoundation\Tests\ResponseFunctionalTest
F..... 6 / 6 (100%)
Time: 1.07 seconds, Memory: 4.00MB
There was 1 failure:
1) Symfony\Component\HttpFoundation\Tests\ResponseFunctionalTest::testCookie with data set #0 ('cookie_max_age')
Failed asserting that string matches format description.
--- Expected
+++ Actual
@@ @@
Warning: Expiry date cannot have a year greater than 9999 in /home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/cookie_max_age.php on line 10
+Call Stack:
+ 0.0004 390392 1. {main}() /home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/cookie_max_age.php:0
+ 0.0178 500960 2. setcookie() /home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/cookie_max_age.php:10
+
+
Array
(
[0] => Content-Type: text/plain; charset=utf-8
[1] => Cache-Control: no-cache, private
[2] => Date: Sat, 12 Nov 1955 20:04:00 GMT
- [3] => Set-Cookie: foo=bar; expires=Sat, 01-Jan-10000 02:46:40 GMT; Max-Age=%d; path=/
+ [3] => Set-Cookie: foo=bar; expires=Sat, 01-Jan-10000 02:46:40 GMT; Max-Age=251875115405; path=/
)
shutdown
/home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/HttpFoundation/Tests/ResponseFunctionalTest.php:49
```
2018-05-24 22:59:06 +02:00
Fabien Potencier
87622765e5
Merge branch '2.8' into 3.4
...
* 2.8:
fixtures config fix
2018-05-24 21:00:05 +02:00
Christian Flothmann
32c73a71a7
fixtures config fix
2018-05-24 20:59:44 +02:00
Fabien Potencier
777727829d
added missing constraint
2018-05-24 20:20:58 +02:00
Fabien Potencier
91c25689d2
simplified code
2018-05-24 17:52:07 +02:00
Fabien Potencier
500bede9c8
Merge branch '2.8' into 3.4
...
* 2.8:
[SecurityBundle] Fail if security.http_utils cannot be configured
2018-05-24 15:24:30 +02:00
Fabien Potencier
6d455f224b
Merge branch '2.7' into 2.8
...
* 2.7:
[SecurityBundle] Fail if security.http_utils cannot be configured
2018-05-24 15:22:57 +02:00
Fabien Potencier
b20e83562e
security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured
...
* cve-2018-11408-2.7:
[SecurityBundle] Fail if security.http_utils cannot be configured
2018-05-24 15:22:46 +02:00
Nicolas Grekas
c003b7a247
[SecurityBundle] Fail if security.http_utils cannot be configured
2018-05-24 15:22:37 +02:00
Fabien Potencier
fd29c8c204
Merge branch '2.8' into 3.4
...
* 2.8:
2018-05-24 15:17:49 +02:00
Fabien Potencier
2111742676
Merge branch '2.7' into 2.8
...
* 2.7:
clear CSRF tokens when the user is logged out
2018-05-24 14:58:29 +02:00
Fabien Potencier
ebc2819d1d
Merge branch '2.8' into 3.4
...
* 2.8:
clear CSRF tokens when the user is logged out
2018-05-24 14:51:10 +02:00
Fabien Potencier
a5d0b571fa
Merge branch '2.7' into 2.8
...
* 2.7:
clear CSRF tokens when the user is logged out
2018-05-24 14:44:24 +02:00
Fabien Potencier
319e1bdd43
security #cve-2018-11406 clear CSRF tokens when the user is logged out
...
* cve-2018-11406-2.7:
clear CSRF tokens when the user is logged out
2018-05-24 14:39:56 +02:00
Christian Flothmann
4b91c171af
clear CSRF tokens when the user is logged out
2018-05-24 14:39:52 +02:00
Nicolas Grekas
8bba68f811
[DI] Fix bad exception on uninitialized references to non-shared services
2018-05-24 14:02:14 +02:00
Kévin Dunglas
e88e0f30f1
[Serializer] Check the value of enable_max_depth if defined
2018-05-24 13:51:58 +02:00
Nicolas Grekas
1314a952cd
[DI] remove dead code
2018-05-24 09:11:23 +02:00
Nicolas Grekas
f8e7a18d1b
[HttpFoundation] Fix perf issue during MimeTypeGuesser intialization
2018-05-23 23:23:26 +02:00
Gabriel Ostrolucký
87b3ad91d2
[PhpUnitBridge] silence some stderr outputs
2018-05-23 23:09:40 +02:00
Fabien Potencier
194caff28b
security #cve-2018-11385 migrating session for UsernamePasswordJsonAuthenticationListener
...
* cve-2018-11385-3.4:
migrating session for UsernamePasswordJsonAuthenticationListener
2018-05-23 16:58:32 +02:00
Ryan Weaver
891ae6b28b
migrating session for UsernamePasswordJsonAuthenticationListener
2018-05-23 16:58:28 +02:00
Fabien Potencier
73432d5fbb
Merge branch '2.8' into 3.4
...
* 2.8:
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
2018-05-23 16:55:09 +02:00
Fabien Potencier
fad1e1f2ea
security #cve-2018-11385 Adding session authentication strategy to Guard to avoid session fixation
...
* cve-2018-11385-2.8:
Adding session authentication strategy to Guard to avoid session fixation
2018-05-23 15:51:54 +02:00
Ryan Weaver
f2e83ba44d
Adding session authentication strategy to Guard to avoid session
...
fixation
2018-05-23 15:51:48 +02:00
Fabien Potencier
a1a5fa8b2f
Merge branch '2.7' into 2.8
...
* 2.7:
Adding session strategy to ALL listeners to avoid *any* possible fixation
2018-05-23 15:51:01 +02:00
Fabien Potencier
fa5bf4b17d
security #cve-2018-11385 Adding session strategy to ALL listeners to avoid *any* possible fixation
...
* cve-2018-11385-2.7:
Adding session strategy to ALL listeners to avoid *any* possible fixation
2018-05-23 15:50:13 +02:00
Ryan Weaver
a5855e8c97
Adding session strategy to ALL listeners to avoid *any* possible
...
fixation
2018-05-23 15:49:30 +02:00
Fabien Potencier
abc802390b
Merge branch '2.7' into 2.8
...
* 2.7:
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
2018-05-23 15:29:24 +02:00
Fabien Potencier
ffd612c9a6
Merge branch '2.8' into 3.4
...
* 2.8:
bumped Symfony version to 2.8.41
updated VERSION for 2.8.40
updated CHANGELOG for 2.8.40
bumped Symfony version to 2.7.48
updated VERSION for 2.7.47
update CONTRIBUTORS for 2.7.47
updated CHANGELOG for 2.7.47
2018-05-23 15:26:51 +02:00
Fabien Potencier
a75781cc29
Merge branch '2.7' into 2.8
...
* 2.7:
bumped Symfony version to 2.7.48
updated VERSION for 2.7.47
update CONTRIBUTORS for 2.7.47
updated CHANGELOG for 2.7.47
2018-05-23 15:24:13 +02:00
Fabien Potencier
47e72683c6
security #cve-2018-11386 [HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
...
* cve-2018-11386:
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
2018-05-23 15:15:59 +02:00
Nicolas Grekas
0cf874e23e
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
2018-05-23 14:36:15 +02:00
Peter Kokot
a7a1325eab
[Validator] Update sl translation
2018-05-23 08:22:59 +02:00
Sergey Rabochiy
e36099503f
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
2018-05-23 12:02:55 +07:00